Information Security Specialist

TD Bank


Date: 4 hours ago
City: Toronto, ON
Salary: CA$91,200 - CA$136,800 per year
Contract type: Full time

Job Description:

Responsibilities:

  • Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents for own specialized area.
  • Conduct project consulting on assessment of risk, definition of required controls, appropriateness of implemented control procedures, vulnerability assessments and any other relevant areas.
  • Lead or contribute to completion of risk and control gap assessments for a technology asset portfolio, articulate and document impact of control exceptions to the business and the overall Bank, risk mitigation and remediation plans, remediation strategy document as applicable.
  • Contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Act as Privacy Designate for assigned business unit upon completion of relevant training.
  • Engage in TD Scaled Agile methodology as Risk Market Place (RMP) lead for assigned portfolio, guiding and challenging change delivery artifacts such as Change Risk Assessments.
  • Partner with applicable stakeholders to define control requirements for the System Design Life Cycle technical standard and applicable governance model.
  • Work as risk and control Subject Matter Expert to guide and assess implementation of control automation within devSecOps construct.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against TDBG’s business.
  • Develop ongoing Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Work proactively with technology partners / stakeholders and service/platform owners to ensure all technology security components are integrated into the bank’s overall Enterprise Architecture, and any control gaps are addressed.
  • Consult on Regulatory compliance requirements, reporting and questions.
  • Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities.
  • Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team.
  • Keep current on emerging trends / developments and grow knowledge of the business, analytical tools and techniques.
  • Prioritize and manage own workload to deliver quality results and meet assigned timelines.
  • Support a positive work environment that promotes service to the business, quality, innovation and teamwork and ensure timely communication of issues/ points of interest.
  • Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency.
  • Establish effective relationships across multiple business and technology partners, program and project managers.
  • Participate in knowledge transfer within the team and business units.

Requirements:

  • 7+ years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Working experience implementing, assessing and/or supporting devSecOps in an Enterprise/highly regulated environment would be an asset.
  • Experience owning and governing Technology Standards would be an asset.
  • Experience developing and implementing KIs would be an asset.
  • Experience with controls automation throughout various stages of SDLC would be an asset.
  • Understanding the dependencies related to application security best practices such as secure coding, security testing techniques.
  • Familiarity with IT service management processes and concepts, including change management, incident management, problem management and configuration management.
  • Knowledge of configuration management technologies (i.e., SaltStack and Ansible), Infrastructure Automation Technologies (i.e., Terraform), Containerization and Cloud Orchestration Technologies (i.e., Kubernetes, Dockers), Windows/Linux and related services (i.e., Active Directory, DNS, MSSQL).
  • Experience implementing and/or supporting a large-scale corporate enterprise solution.
  • Experience with DevOps Concepts and DevOps tooling such as Terraform, GitHub, Jenkins, SaltStack, XL Release, Bit Bucket.
  • Skilled in full software or systems development life cycle, including requirements analysis, design, integration, testing and implementation.
  • Comfortable working with enterprise architecture while collaborating with cross-functional teams to implement solutions.
  • Strong interpersonal and communication skills; ability to work in a team environment.
  • Self-starter/self-motivated; ability to work independently with minimal direction.
  • Technical and business writing experience.
  • Demonstrate solid understanding and experience with systems automation platforms and technologies.
  • May participate on complex, comprehensive or large projects and initiatives.
  • Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors.
  • Generally reports to Senior Manager or above.
  • University degree.
  • Information security certification / accreditation an asset.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Associate Credit Structuring

BMO Financial Group, Toronto, ON
CA$68,000 - CA$126,000 per year
4 hours ago
Provides technical expertise for proactive credit analysis, structuring, pricing, and overall assessment of transactions within the assigned portfolio / jurisdiction. Provides advisory supports to the team to provide insights on the accuracy and consistency of decisions relative to risk strategies, policies, and appetite. Identifies deficiencies and recommends corrective action plans. Makes credit and pricing decisions and recommendations in accordance with...

Cleaner

Hennick Bridgepoint Hospital, Sinai Health, Toronto, ON
5 hours ago
At Sinai Health, we care, create possibilities and offer hope. We are looking for a Cleaner to support our Environmental Services department.Job Outline:The incumbent is required to perform a variety of tasks in connection with the auxiliary duties in the operation of the Environmental Services Department. This includes any special assignments which may be requested by the Environmental Services Department....

Customer Success Manager

Klir, Toronto, ON
6 hours ago
About KlirWe are hiring to make water better!Water, a resource of unparalleled importance, is often deemed the lifeblood of our planet. However, the water industry has long been criticized for its reluctance to innovate and embrace new technologies that could liberate skilled professionals from the tedious, time-consuming administrative work that has burdened their expertise. This reluctance comes at a steep...